Cisco WebEx Meetings Server Enterprise License Manager Administrative Password Disclosure Vulnerability

A vulnerability in the Cisco WebEx Meetings Server Enterprise License Manager web portal could allow an authenticated, remote attacker to view the administrative password for Cisco WebEx Meetings Server in clear text. The vulnerability is due to the inclusion of the Cisco WebEx Meetings Server...

Cisco Adaptive Security Appliance RADIUS Change of Authorization Message Replay Vulnerability

A vulnerability in RADIUS Change of Authorization CoA messages of the Identity Firewall IDFW feature of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to modify the contents of the IDFW user cache. The vulnerability is due to insufficient validation of...

Cisco NX-OS Software Input Validation Vulnerability

A vulnerability in input parsing in Cisco NX-OS Software could allow an authenticated, local attacker to execute commands on the underlying operating system. The vulnerability is due to improper filtering of parameters passed to the Stream Editor sed filter. An attacker could exploit this...

Cisco Secure Access Control System Session Fixation Web Vulnerability

A vulnerability in the web interface of Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to acquire the session identifier of another user's session. The vulnerability is due to the lack of session identifier regeneration. An attacker could exploit this...

Cisco Device Manager Command Execution Vulnerability

Cisco Device Manager contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands on a client host with the privileges of the user. This vulnerability affects Cisco Device Manager for the Cisco MDS 9000 Family and Cisco Nexus 5000 Series Switches whe...

Cisco IronPort Appliances Sophos Anti-Virus Vulnerabilities

Cisco IronPort Email Security Appliances ESA and Cisco IronPort Web Security Appliances WSA include versions of Sophos Anti-Virus that contain multiple vulnerabilities that could allow an unauthenticated, remote attacker to gain control of the system, escalate privileges, or cause a...

Buffer Overflow Vulnerabilities in the Cisco WebEx Player

The Cisco WebEx Recording Format WRF player contains four buffer overflow vulnerabilities and the Cisco Advanced Recording Format ARF player contains one buffer overflow vulnerability. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on th...

Cisco IOS Software Network Address Translation Vulnerabilities

The Cisco IOS Software network address translation NAT feature contains multiple denial of service DoS vulnerabilities in the translation of the following protocols: NetMeeting Directory Lightweight Directory Access Protocol, LDAP Session Initiation Protocol. Multiple vulnerabilities H.323 protoc...

Cisco IOS Software IPS and Zone Based Firewall Vulnerabilities

Cisco IOS Software contains two vulnerabilities related to Cisco IOS Intrusion Prevention System IPS and Cisco IOS Zone-Based Firewall features. These vulnerabilities are: Memory leak in Cisco IOS Software Cisco IOS Software Denial of Service when processing specially crafted HTTP packets Cisco h...

Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco IOS VTP VLAN Buffer Overflow Vulnerability

Cisco IOS contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability exists due to improper input validation by the VTP feature of Cisco IOS. An authenticated, remote attacker could exploit this vulnerability by submitting a malicious...

Cisco IOS XR Software MPLS and Pseudowire Interfaces Access Control List Bypass Vulnerabilities

Multiple vulnerabilities in the IP access control list ACL processing in the ingress direction on MPLS and Pseudowire PW interfaces of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. For more information about these vulnerabilities, see the Detail...

Cisco AppDynamics PHP Agent Privilege Escalation Vulnerability

A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient permissions that are set by the PHP Agent Installer on the PHP Agent install directory. An...

Cisco IOS XE Software for Wireless LAN Controllers Wireless Network Control Denial of Service Vulnerability

A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could exploit this...

Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance ESA; and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance WSA, could allow a remote...

Cisco Nexus 9300-FX3 Series Fabric Extender for UCS Fabric Interconnects Authentication Bypass Vulnerability

A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender FEX when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementati...

Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validati...

Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an authenticated, remote attacker to retrieve sensitive information from...

Cisco SD-WAN Software Privilege Escalation Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a...

Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient error validation. An attacker coul...

Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability

A vulnerability in the implementation of IPv6 VPN over MPLS 6VPE with Zone-Based Firewall ZBFW of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling of an IP...

Cisco Webex Meetings App Character Interface Manipulation Vulnerability

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character...

Cisco Unified Communications Products Access Control Vulnerability

A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, and Cisco Unity Connection could allow an authenticated, remote attacker to perform certain administrative actions the...

Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...

Cisco IOS XR Software Health Check Open Port Vulnerability

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attack...

Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability

May 12, 2022 Update: The information in the Cisco Software Checker "https://sec.cloudapps.cisco.com/security/center/softwarechecker.x" was not complete when this advisory was first published. Customers should use the form in the Fixed Software "fs" section of this advisory to get the latest...

Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

Cisco Common Services Platform Collector Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

Cisco Small Business Series Switches Session Credentials Replay Vulnerability

A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This...

Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI...

Cisco IOS XE Software Interface Queue Wedge Denial of Service Vulnerability

A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of certa...

Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability

A vulnerability in the Secure FTP SFTP of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The...

Cisco IoT Field Network Director SOAP API Authorization Bypass Vulnerability

A vulnerability in the SOAP API of Cisco IoT Field Network Director FND could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. The vulnerability is due to insufficient authorization in the SOAP API. An attacker could exploit th...

Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability

A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service DoS condition. The vulnerability is due to improper error handling on...

Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability

A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers WLC could allow an unauthenticated, remote attacker to cause a denial of service DoS conditi...

Cisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation Vulnerability

A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive SSD for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. The vulnerability...

Cisco IOS XE Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the next reboot of the device. The authenticated user must have privileged EXEC permissions on the...

Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities

Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol DVMRP feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol IGMP process or make it consume available memory and eventually cras...

Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability

A vulnerability in the Data Management Engine DME of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input...

Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability

A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. A...

Cisco Small Business Smart and Managed Switches Session Management Vulnerability

A vulnerability in session management for the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to defeat authentication protections and gain unauthorized access to the management interface. The attacker could obtain the...

Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability

A vulnerability in the handling of IEEE 802.11w Protected Management Frames PMFs of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device. The vulnerabilit...

Cisco IOS XE Software Web UI Remote Code Execution Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code with root privileges on the underlying Linux shell. The vulnerability is due to improper validation of user-supplied input. An attacker cou...

Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 1 IKEv1 feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper...

Cisco HyperFlex Software Cross-Frame Scripting Vulnerability

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerabilit...

Cisco AnyConnect Secure Mobility Client for Linux Out-of-Bounds Memory Read Vulnerability

A vulnerability in the HostScan component of Cisco AnyConnect Secure Mobility Client for Linux could allow an unauthenticated, remote attacker to read sensitive information on an affected system. The vulnerability exists because the affected software performs improper bounds checks. An attacker...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the WebVPN portal of an affected device. Th...

Cisco Umbrella Dashboard Session Management Vulnerability

A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an authenticated, remote attacker to access the Dashboard via an active, user session. The vulnerability exists due to the affected application not invalidating an existing session...